oh, sorry, let me clarify one thing I said wrong.

There are two types of asymmetric cryptography (not actually the whole story but will do for now) signing, and exchange.

you create a signature with a signing (private) key, and it's verified with a corresponding public key.

Then there are also exchange keys, or called diffie-helman keys. There isn't really a widely used name for this type of key, mainly i think because it doesn't have a simple real-world metaphor like "signing" does. Anyway, exchange keys take *your* public key, and *my* secret key then combines the together to produces a shared exchange key.

In `nacl`

this operation is called `scalarmult`

. That is an implementation detail really, in classic DiffieHelman a different mathematical operation is used, but it has the same behavior. That is, we can each take the other's public key, and our own secret key, and produce a key that essentially represents a relationship between us.

In nacl both types of keys are used, signing keys are ed25519 keys, and exchange keys are curve25519 keys. `sign`

uses `ed25519`

keys, and `scalarmult`

takes `curve25519`

.`box`

takes two exchange keys, and then uses `scalarmult`

internally. There is also another function `secretbox`

that just takes a symmetric key, say the output of `scalarmult`

.

To encrypt a private key, you probably don't encrypt it *to* anyone, so `secretbox`

is the one to use. Also, you'll need to generate the key the first time, and then later, you'll need to restore it. To do that, you need a *seed*. That is just a random number, but make sure it's *really* random. instead of encrypting the private key, encrypt the seed, then regenerate the keypair from that seed.